CVE-2022-25731 Incorrect Calculation of Buffer Size in MODEM

Information disclosure in modem due to buffer over-read while processing packets from DNS server...

CVE-2022-25731

CVE-2022-25731 concerns information disclosure in a modem component due to a buffer over-read while processing DNS server packets. The connected sources indicate the issue affects Qualcomm modem/chipset implementations (root cause described as incorrect buffer size calculation in the MODEM). Impa...

CVE-2022-25730

CVE-2022-25730 affects modem/Qualcomm chipsets due to an improper IP type check while processing DNS server queries, causing information disclosure. Root cause: erroneous handling of IP type in DNS processing. Impact per sources: confidentiality leakage; exploitability is network-based with low c...

CVE-2022-25730 Buffer Over-read in MODEM

Information disclosure in modem due to improper check of IP type while processing DNS server query...

CVE-2022-25730 Buffer Over-read in MODEM

Information disclosure in modem due to improper check of IP type while processing DNS server query...

CVE-2022-25726 Buffer Over-read in MODEM

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

CVE-2022-25726

CVE-2022-25726 concerns information disclosure in Qualcomm modem data due to an array out-of-bounds access while handling the incoming DNS response packet. Affected component is Qualcomm chipsets/controllers with modem functionality; root cause described as improper bounds/length handling during ...

CVE-2022-25726 Buffer Over-read in MODEM

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...

CVE-2022-25678 Buffer Copy Without Checking Size of Input in MODEM

Memory correction in modem due to buffer overwrite during coap connection...

CVE-2022-25678

CVE-2022-25678 relates to memory corruption in Qualcomm modem chipsets caused by a buffer overwrite during a CoAP connection. The vulnerability’s root cause is a buffer overwrite in the modem, with impact described as memory correction. Affects Qualcomm chipsets’ modems; CVSS v3.1 base score 9.8 ...

CVE-2022-25678 Buffer Copy Without Checking Size of Input in MODEM

Memory correction in modem due to buffer overwrite during coap connection...

PT-2023-13294 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: Memory corruption occurs due to improper validation of an array index when a malformed APDU is sent from a card. Recommendations: At the moment, there is no information about a newer version...

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Also fixed vulnerabilities in closed-source parts of Android that are developed by third parties, such as Qualcomm, Arm, Imagination Technologies, Unisoc and Mediatek. The vulnerabilities potentially enable a malicious person to execute attacks that...

PT-2023-12819 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure in the modem, caused by improper input validation during the parsing of upcoming CoAP messages. Recommendations: At the moment, there is no...

PT-2023-13299 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure due to a buffer over-read while parsing the wms message. This occurs when the buffer and its length are provided, leading to potential data...

PT-2023-13269 · Qualcomm · 9205 Lte Modem Firmware +18

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to information disclosure due to a buffer over-read in a modem. This occurs when the modem is reading configuration parameters. Recommendations: At the moment, ther...

PT-2023-13276 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a time-of-check time-of-use race condition in the Modem when processing RRC Reconfiguration messages, which can cause a transient denial of service. Recommendations: A...

PT-2023-13245 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a transient Denial of Service DOS in the Modem due to a null pointer dereference. This occurs while processing incoming packets that utilize HTTP chunked encoding...

PT-2023-13249 · Qualcomm · Snapdragon +12

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to information disclosure due to a buffer over-read in a modem. This occurs when the modem processes an IPv6 packet that contains either a hop-by-hop or destination...

PT-2023-12792 · Qualcomm · Snapdragon +12

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue involves a memory correction in the modem due to a buffer overwrite that occurs during a coap connection. Recommendations: At the moment, there is no information about a...